Detect CVE-2026-47137 — vm2 Sandbox Escape via nesting:true Bypass (RCE) in Splunk
Detects exploitation of CVE-2026-47137, a critical sandbox escape in the vm2 Node.js library (versions 3.11.3 and earlier; fixed in 3.11.4). The bypass circumvents the CVE-2023-37903 patch by abusing the nesting:true configuration option without an explicit require, allowing code running inside the sandbox to execute arbitrary code in the host process. CVSS 10.0.
SPL Detection Query
index=* sourcetype IN ("WinEventLog:Microsoft-Windows-Sysmon/Operational", "linux_secure", "osquery:results", "auditd", "node_app_logs", "stream:tcp")
| eval cmdline=coalesce(cmdline, CommandLine, process), process_name=coalesce(process_name, Image), parent_process=coalesce(parent_process, ParentImage, parent_process_name)
| eval is_node_parent = if(match(parent_process, "(?i)node(\.exe)?$") OR match(process_name, "(?i)node(\.exe)?$"), 1, 0)
| eval has_vm2_ref = if(match(cmdline, "(?i)vm2") OR match(cmdline, "nesting\s*[:=]\s*true"), 1, 0)
| eval spawns_shell = if(match(cmdline, "(?i)(child_process|exec|spawn|execSync|spawnSync|sh\s+-c|cmd\.exe|/bin/sh|bash\s+-c)"), 1, 0)
| eval outbound_conn = if(sourcetype="stream:tcp" AND direction="outbound" AND dest_ip!="127.0.0.1" AND NOT cidrmatch("10.0.0.0/8", dest_ip) AND NOT cidrmatch("172.16.0.0/12", dest_ip) AND NOT cidrmatch("192.168.0.0/16", dest_ip), 1, 0)
| eval vm2_ref = if(is_node_parent=1 AND has_vm2_ref=1, 1, 0), vm2_shell = if(is_node_parent=1 AND has_vm2_ref=1 AND spawns_shell=1, 1, 0)
| eval event_time=_time
| bin _time span=10m
| stats sum(vm2_ref) AS vm2_ref_count, sum(vm2_shell) AS shell_count, sum(outbound_conn) AS outbound_count,
    min(event_time) AS first_seen, max(event_time) AS last_seen,
    values(cmdline) AS commands, values(process_name) AS processes, values(parent_process) AS parents,
    values(dest_ip) AS remote_ips, values(user) AS users
    BY host, _time
| where vm2_ref_count > 0 AND (shell_count > 0 OR outbound_count > 0)
| eval severity="CRITICAL", cve="CVE-2026-47137"
| sort - last_seen
Searches Sysmon, Linux audit, osquery, Node.js application and Stream TCP logs for vm2 library references in Node.js process trees that are followed, on the same host within a ten-minute window, by shell spawning or an external network connection, the combination indicative of CVE-2026-47137 exploitation. The first eval maps raw Sysmon field names (Image, ParentImage, CommandLine) onto the normalised names the rest of the query uses; adjust the coalesce lists to match your own field extractions. A process-creation record and a network-connection record are never the same event, so the rule aggregates flags per host and time bucket instead of requiring every flag on one event, and "stream:tcp" has to be in the initial sourcetype filter or the network branch can never fire. The 172.16.0.0/12 range is excluded along with the other RFC 1918 blocks so that internal east-west traffic does not count as an external connection.
Data Sources
Required Sourcetypes
- WinEventLog:Microsoft-Windows-Sysmon/Operational (process creation, Event ID 1)
- linux_secure
- osquery:results
- auditd
- node_app_logs
- stream:tcp (network connections; needed for the external-connection branch)
False Positives & Tuning
- Build systems running npm scripts that legitimately use vm2 for sandboxed template evaluation and also invoke child processes for compilation
- Node.js microservices that use vm2 for plugin isolation and make legitimate API calls to external services
- Security research environments intentionally testing vm2 in controlled lab settings
- Automated test suites verifying vm2 sandbox behavior that spawn helper processes as part of test fixtures
Testing Methodology
Validate this detection against the four Atomic Red Team tests below. Each test lists the behaviour to exercise and the telemetry you should expect to see.
- Test 1: vm2 nesting:true Sandbox Escape via CVE-2026-47137
  Expected signal: Sysmon Event ID 1 showing a node process launched with vm2 in the command line; child_process.execSync call visible in the process arguments; file creation event for /tmp/vm2_escape_proof.txt
- Test 2: vm2 Vulnerable Version Installation and Verification
  Expected signal: npm install process spawning with a pinned vm2 package argument at an affected version (3.11.3 or earlier); file creation events under /tmp/vm2_test/node_modules/vm2/; network connection to the npm registry (registry.npmjs.org:443)
- Test 3: vm2 Reverse Shell Simulation Post-Escape
  Expected signal: network connection from the node process to 127.0.0.1:9999 (or the configured beacon host); curl child process spawned from the Node.js parent; DNS/HTTP request with the CVE identifier in the URI path
- Test 4: vm2 nesting Bypass with Prototype Chain Traversal (Variant)
  Expected signal: Node.js process with vm2 in the command line; fs.writeFileSync call resulting in a file creation event at /tmp/vm2_variant_proof.txt; no child process spawned in this variant
Two of these tests will not trigger the query as written: Test 3's default beacon goes to 127.0.0.1, which the outbound_conn exclusion drops, and Test 4 spawns no child process, so its only telemetry is the file creation event, which the query does not look at. Point the Test 3 beacon at a lab address outside the excluded ranges, and treat Test 4 as a negative case unless you extend the rule with file-creation telemetry (Sysmon Event ID 11 or the auditd equivalent) for paths under /tmp.
References (6)
- https://github.com/patriksimek/vm2/security/advisories/GHSA-m4wx-m65x-ghrr
- https://github.com/patriksimek/vm2/commit/01a7552add345d5a6862623884e6b79a85bf0568
- https://github.com/patriksimek/vm2/commit/86ab819f202c3a8dad88cef5705f2e416c5188d7
- https://github.com/patriksimek/vm2/releases/tag/v3.11.4
- https://nvd.nist.gov/vuln/detail/CVE-2026-47137
- https://github.com/advisories/GHSA-m4wx-m65x-ghrr